sentry, an alternative to fail2ban and other bruteforce blocking daemons

25 Mar 2015

I’ve just migrated my servers from using fail2ban to sentry, and it feels quite efficient =), so I’m doing this post as a way to increase sentry awareness.

Sentry is a program that detects and prevents brute-force attacks against sshd and other network services using minimal system resources. Instead of running a daemon that constantly reads log files, it runs a Perl script that uses tcpwrappers to track connections and block access by IP. tcpwrappers is already installed on most modern Unix-like systems (Linux, Mac OS X and FreeBSD), so if you also have Perl installed, it adds 0 dependencies.
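To make the per-connection model concrete, here is an added sketch (not sentry's own code, and not from the original post) of what a script run once per incoming connection could do: count an IP's recent connections and append a deny rule once a threshold is passed. The function name, state directory, threshold, window and deny-file location are all assumptions made for illustration.

```shell
#!/bin/sh
# Illustrative sketch only: NOT sentry's code. All names and values below
# (track_connection, STATE_DIR, MAX_CONNS, WINDOW) are hypothetical.
# Idea: no daemon tails logs; a short-lived script runs once per connection,
# updates a small per-IP state file, and exits.

STATE_DIR="${STATE_DIR:-/tmp/conn-tracker-demo}"  # assumed state location
MAX_CONNS="${MAX_CONNS:-3}"   # assumed: connections tolerated per window
WINDOW="${WINDOW:-60}"        # assumed: window length in seconds

# track_connection IP [NOW_EPOCH]
# Records one connection from IP and prints "allow" or "deny".
track_connection() {
    ip=$1
    now=${2:-$(date +%s)}

    # The address becomes part of a filename and a rule line, so accept
    # only IPv4 characters (this sketch does not handle IPv6).
    case $ip in
        ''|*[!0-9.]*) echo invalid; return 2 ;;
    esac

    mkdir -p "$STATE_DIR" || return 1
    deny="$STATE_DIR/hosts.deny"   # demo file, not the system /etc/hosts.deny
    seen="$STATE_DIR/seen.$ip"

    # Already blocked: answer immediately, no further bookkeeping.
    if [ -f "$deny" ] && grep -qxF "ALL: $ip" "$deny"; then
        echo deny
        return 0
    fi

    # Record this connection, then drop timestamps older than the window.
    echo "$now" >> "$seen"
    cutoff=$((now - WINDOW))
    awk -v c="$cutoff" '$1 > c' "$seen" > "$seen.tmp" && mv "$seen.tmp" "$seen"
    count=$(awk 'END { print NR }' "$seen")

    if [ "$count" -gt "$MAX_CONNS" ]; then
        echo "ALL: $ip" >> "$deny"   # daemon_list : client_list rule syntax
        echo deny
    else
        echo allow
    fi
}
```

The sketch does no file locking, so two connections from the same IP arriving at the same instant could race on the state file; a production tool has to account for that.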